Top 5 Stories


Nokia shuts down developer site after members' data was compromised

29 August 2011

Finnish cell phone maker Nokia has suspended its developer forum website after a hacker gained access to the forum members’ information.

Nokia said in an emailed statement that its developer site would be taken offline until “further investigations and security assessments were complete”, according to a report by the Wall Street Journal.

The company said that members’ personal information, including email addresses and dates of birth, was compromised.

“After further detailed investigations, we identified security flaws on the forums discussion website, which enabled a database table containing developer forum members’ records to be accessed. The records include members’ email addresses and, for fewer than 7% who chose to include them in their public profile, either birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo”, Nokia said in the statement as reported by the newspaper.

Sensitive information, such as passwords and credit card numbers, was not compromised, according to Nokia. “Though we have no evidence of any misuse, we believe the potential risk is an increase in unsolicited email”, the company added.

A hacker by the name of “pr0tect0r AKA mrNRG” claimed responsibility for the attack.

Nokia said that the hacker exploited a flaw in the bulletin board software it was using for the forum using an SQL injection attack, according to a report by Slash Gear.

This article is featured in:
Application Security  •  Data Loss  •  Internet and Network Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×